Re: Hey it's the Rand'ster!! Doing the Rand'ster things.
Hey Elon, you really need to cut back on your toking.
12863 posts • joined 12 Feb 2011
I don't trust smart locks just yet
Just yet? You mean you foresee a day when you will? What's the possible advantage of a smart lock over a mechanical lock, other than not having to carry a key?
Companies like Google, Apple and Microsoft, who have unlimited resources and employ some of the smartest people around don't get security right all the time. Does anyone really believe that a company like Yale with a fraction of their resources and probably none of the smartest people around should be trusted with the security of their home, or their business from which they make their livelihood?
Mechanical locks aren't perfect, but the risks are known and can be mitigated such that it would be easier for a thief to enter via another method than the door. With an electronic lock you have the ever-present risk that a remotely exploitable 0 day could be found against it.
Its conceivable someone could hack Yale's system and set every electronic lock of theirs to permanently open, or permanently locked, so that having your lock replaced would be the only fix!
People buy ChromeOS devices because they are cheap. That's why they've been popular with schools, they don't buy the devices and then spend 1-2x that much on support/licensing during their lifetime. No school is going to buy a $1600 ChromeOS slate - they could buy 5 iPads for that, or three iPad Pros, and have tons of software designed for the iPad available to them. Or they could buy god knows how many ordinary Android tablets, which may have to mostly make due with phone apps but at least they get the bigger screen.
So who is the customer here? Enterprises? They are still on Windows, and sure aren't going to spend as much on a single ChromeOS device as they spend on fancy laptops or Surface Pros for their C-suite people. Consumers have little use for ChromeOS, given that ChromeOS devices have almost no pricing advantage over cheap Windows tablets - they sure aren't going to be dumb enough to spend $1600 on this thing. They wouldn't buy it even at half the price.
Do Google managers get bonuses based on creating products, and then further bonuses based on canceling them? The number of products they introduce and then kill suggests that may be the case!
They have to prioritize modems if they have a contract with Apple requiring delivery of a certain number of modems at a certain time. And there is a 100% chance there is such a contract, because there's no way Apple would agree to go exclusive with Intel modems if they had to bear the risk that Intel might decide "sorry we decided we'd rather make x86 CPUs than modems, guess you'll have to tell customers to wait months for delivery of their iPhones"
Since Intel thought they'd have 10nm up and running when this contract would have been negotiated a couple years ago, they never imagined it would end up causing a shortage of x86 CPUs.
Prima facie, there does not appear to be any shortage of iPhones (particular SKUs like Max 512GB might have order delays, but not all models) so obviously they are getting all the modems they need from Intel. The nearly 100 million modems Intel will have shipped to Apple by the end of the year is using up a LOT of 14nm fab capacity.
Given that the shortage started right about the time they would have needed to ramp up production of modems for Apple, I think that's the culprit. Back when Intel and Apple made these plans - probably a couple of years ago - Intel believed they'd have 10nm up and running by now.
Interesting that the shortage is supposed to last six months. Does that mean Intel will be getting additional capacity online, or that as iPhone sales have their usual cyclic drop in spring/summer they won't need as many modems? Assuming Apple uses Intel modems again next fall, this could again be an issue if Intel is still having problems making their 10nm process work. They claim they will have 10nm systems on shelves in time for the 2019 holidays, but that's pretty nonspecific. Having 1000 such systems would qualify, but wouldn't help any 14nm shortage.
If people want to download an alternative/free office product for their Windows PC, they might download OpenOffice because that's what they had on their old Windows PC - many won't have heard about the LibreOffice split.
I wonder how many people who downloaded OpenOffice would have downloaded LibreOffice if they knew the latter was actively maintained and had advanced a lot over where OpenOffice is during the last few years? I'd guess probably 99% would.
OpenOffice's download numbers simply aren't indicative of great interest in it, and if its few remaining developers believe that they are fooling themselves. If there was still a browser called 'Netscape' I'm sure it would garner millions of downloads a year, simply because of the mindshare that name accumulated 20 years ago.
Should I not be leaving my laptop plugged in for days at a time? I assumed the charge controller circuitry in the battery would let some cells discharge, then charge them up and let others discharge, to spread around the wear. Topping out at 50% charge is a really shitty solution to this issue!
What difference does it make? You can complain about wasting a little space, but phones these days are not exactly low on storage so why do you need to actually remove an app?
Of all the reasons to complain about how Google operates Android, this is WAY down in the noise.
They don't have the hardware to do it, but I wonder if the contract requires that? They could be the entrance for the cloud, with the data encrypted (again, no doubt) and then passed on to be stored on someone else's cloud, or multiple someone else's cloud.
So they get paid the $10 billion, and pay $1 billion each to Amazon, Google and Microsoft, to store the data and keep the rest for themselves for hookers and blow. Then the Pentagon says "we need to store more data" and are told "OK, give us another $10 billion".
Facebook had already soared by the time Google+ came along. Back when Google+ first came along I wanted it to beat Facebook, because back then I still believed Google was a force for good. Now I'm VERY glad that Google+ failed, because they already have so much personal data they don't need all the data that Facebook has as well.
Plus at least with Facebook it is your decision whether you give them anything. With Google you can minimize what they get on you but can't eliminate it entirely, due to their advertising network that means they know when you visit pages all over the web.
If they didn't think 500K users "met their internal thresholds" for notifying users of a breach, what is that threshold? 5 million? 500 million?
This shows we can't even trust Google to reveal a breach of our data when it happens - and of all the platforms to have your data stolen from, Google is by far the worst due to the amount of data they have and the difficulty in avoiding them due to their advertising tentacles that extend to every corner of the web.
So what is the GDPR penalty for this breach, and how many EU users have to be compromised for Google to be fined into bankruptcy?
but I am concerned about 'things made in China' a bit more than I was before
The problem is, you might be more concerned but there's little you can do about it. It is almost impossible to purchase any modern electronics that are 100% free of anything made in China. Off the top of my head the only computer not made in China is the iMac, which is made in a factory in Cork, Ireland - but the motherboard is almost certainly made in China, and many of the chips on it would come from mainland China or Taiwan. Pretty much impossible to buy a wifi router that wasn't made in China, you might find some phones and TVs made in South Korea instead but almost certainly some components in them come from China...
Of course like I always say, given a choice between being spied on by the US government or by the Chinese government, as an individual I choose the latter (obviously I'd choose differently if I'm talking about systems the DoD is using) The way I figure it, if the US government doesn't like what I say or do they can make my life a lot more miserable than China's can if they don't like what I say or do. And since I live in the US, and not China, the US government is a lot more likely to want to spy on me than China.
It has been the NYT and Washington Post that have broken most of the big stories that made Trump look bad (i.e. what he considers "fake news") but if Bloomberg was fooled then I wonder if it'll turn out the story was fished to the Times & Post and they didn't bite. If they were approached with that story and decided against it, I'm sure they are furiously tracking it now to see if they can determine whether its true or false.
Skeptical of the short theory - the SEC can track that too easily since Supermicro is the only target you could reasonably short. Who else could be duping Bloomberg, and why? They said they talked to the FBI, and I'm sure they'd connect to their sources through the FBI main number at least once to verify they really worked for the FBI.
Given the divide between the Trump administration and the FBI, I suppose its possible if the administration had a few people within the FBI make these claims, supply contacts with "Apple" and "Amazon" that weren't, to fool Bloomberg into posting this story. It is quite timely given Trump's battles with China - maybe the idea was to get the public behind his trade war even things don't turn out as rosy as Trump naively believes.
For Trump's admin it is no lose - if they get away with it they get the public on their side even if the China trade war gets messy and long lasting, If they get caught they blame the FBI and say see "this is proof they are incompetent and the top people should be fired" so they can sabotage Mueller's investigation.
If they shot it down they'll say "they were suspicious of it" and that will be all the proof they need. The police in the US kill people who don't pose a threat and claim "I felt my life was being threatened" and all too often juries accept that - though fortunately that's beginning to change as it is finally started gaining much needed press attention the last couple years.
Until people are no longer killed without justification, no one is going to care about drones getting shot down without justification.
Intel also has huge fabs in Arizona and Oregon. They produce the majority of their chips inside the US. Fabbing is not particular dirty, though it is rather water intensive (yeah, I don't know why they have fabs in Arizona, either)
Fabbing of chips is just a minuscule percentage of the overall supply chain though, and building stuff in the US isn't necessarily a solution. Who says the CIA can't bribe or infiltrate a US company? As far as the board in my home PC, I'd rather have it bugged by China than the US. I don't have to deal with the Chinese government since I don't live there, and they don't have any reason to care what I do or say. I can't make the same claims about the US government, so them having a spy in my PC is a much bigger deal as far as I'm concerned.
If I was a Chinese citizen I'd rather have the US government spying on me than the Chinese government, but unfortunately for them it is a choice between China or China AND the US, not either/or...
What hard evidence could they POSSIBLY provide that would change the minds of those who believe this is a US government plot against China? If they made samples of the hardware available for people to look at, how can you tell it was designed by China instead of the US? If they had logs of the chips contacting a Chinese controlled C&C server, how do you know that really happened, or that C&C server wasn't a CIA front? Hell, if they had emails from China's president to their hackers saying "have we stolen Apple's A12 design yet?" signed with his private key, they'd claim the NSA has the technology to break the email encryption/signing that China's president uses.
Once people go down the conspiracy theory rathole, no amount of evidence can possibly change their minds. Everything you show them will become part of the conspiracy. Look at the moon landing deniers, who have crazy explanations for everything from lunar dust samples to the retroreflective mirrors astronauts left behind that are part of the grand conspiracy to fool people into thinking we landed on the moon.
What effect? Both Amazon and Apple had their share price fall the past couple days, but it doesn't appear to be related to this article, since the NASDAQ as a whole fell more than Apple did and some stocks like Netflix fell more than twice as much. You could argue "the tech industry fell over worries these attacks might be widespread" but why would anyone have that worry about Netflix? Is someone going to care that China finds out what kind of movies they like?
I'd argue that the story actually makes Apple and Amazon come out looking really good. They detected the attacks quickly, when they were isolated rather than widespread throughout their infrastructure, and they acted immediately to get rid of the compromised hardware. How many other companies would have even figured this out? Think about how often you read about companies that have had hackers inside their systems for months if not years undetected - and it is FAR easier to find software nasties in your systems than a tiny component the size of a pinhead on your server boards. I mean, there's a whole selection of software designed for identifying and neutralizing malware, but you're on your own finding spy hardware.
You should be worried, your cat is being affected by wifi radiation and will soon get superpowers like being able to leap 5x its height and fit itself into even the smallest box you have left lying around. If your cat already can do these things, it is too late....run!
Bloomberg charges a LOT of money to traders for their information, including early access to their stories. They aren't going to risk a multi billion dollar business on a story they aren't 100% confident in. That doesn't mean they can't get fooled if the CIA threw its full weight behind trying to fool them, but I think it is more likely that Apple and Amazon's denials are either wrong or were somehow coerced.
Most likely wrong - if only a few people in each company learned of the issue before contacting the FBI, and they were then told not to tell anyone else, yesterday's denials are easily explained. Press contacts Apple / Amazon spokesperson for comment. They contact various executives asking "do we have any comment on this story" and the executives all know nothing about it and neither do their underlings they talk to - because the odds of finding the three or four people who do know about it are tiny - so the spokesperson reports back that the story is false.
The employees who apparently went to the press (perhaps they were worried other US companies without their resources would be unknowing victims if the government kept the story hush hush forever) aren't likely to fess up to others in their company now - because it would be obvious they had leaked info to the press about it and the company would think "if you leak this, you might leak other stuff, so here's your severance package goodbye"
The story said Amazon had only found servers with the spy chips in their Chinese datacenter. Apple found it in a limited fashion as well. These weren't across the board "wow, we have to replace everything in all our datacenters".
It seems both companies do some very robust checking of the boards they are shipped, since it was noticed rather quickly. It goes without saying that 99.99% of companies don't even check the boards in their servers to look for a tiny component that doesn't belong. The main reason Amazon and Apple did was because like other major 'cloud' companies such as Google, Facebook, Microsoft etc. they design their own boards, and want to verify what they are shipped matches their design.
That's why the spy chip was apparently disguised to look like a passive component, hoping it would be ignored as something to address RF or electrical issues.
You're assuming the stock price drop had anything to do with this news. Google, Netflix and Tesla had a drop double the size of Apple and Amazon's and they weren't named in the story. Who would really care if the Chinese were spying on Netflix, they gonna find out about your weekend binge watching habits? Hard to see how Netflix's drop could have anything to do with this story.
This was just an across the board tech stock drop, just like some days there's an across the board tech stock gain. Now one can argue the reason everything dropped was concern over this hack, but if so it didn't hurt Apple and Amazon worse than other companies. Indeed, Apple fell slightly less than the NASDAQ index as a whole.
If this was an evil stock market short plot, it wasn't very well executed. You'd much rather get one or a few really big stock drops, not a minor 2-3% across the board drop. The SEC polices these things pretty well too - no doubt they will be examining the trading patterns around Supermicro stock (the only one that really took a big plunge) to see if someone sold a bunch of it short recently, or made unusual put option purchases.
The ME backdoor requires you already have access to the local LAN to exploit it. This spy chip attack is can be leveraged from halfway around the world, it would only fail if the network the server is on is completely isolated from the internet.
Plus the ME backdoor goes away once it is found and patched. The spy chip attack lives for the life of the hardware, with no way to disable it short of putting the motherboard in an industrial shredder.
Apple issued another denial that specifically said they aren't under any national security gag orders. I suppose if you were under a national security gag order capable of making you issue denials, it could make you issue a "we aren't under a gag order" denial.
Given the report that this was closely held within Apple, maybe when Apple was reached for comment and they internally contacted "people who would know about this" they simply didn't reach the people who did know. That is, Apple issued a denial because as far as they could tell, the denial was true. If a few engineers find something like this and report it to their manager, who says "let's take it to the FBI" and the FBI says "please don't talk about this with anyone else" it only gets as high as that low level manager.
IMHO it is quite plausible that when Apple spokespeople were contacted for comment, no matter how thorough they were in looking for any evidence that this story was true, they can't talk to everyone in the company so they might simply have not talked to the right people. The question is, if true, would those right people see the story in the press and that Apple has issued and decide to tell their higher-ups so Apple gets the story straight? Or would they keep their mouth shut, and figure correcting the record now will only make things worse?
The fact Fox News brings a few token liberals that deliberately make arguments filled with holes so the conservatives can "win" does NOT make them balanced. Until a couple years ago, Fox News was definitely right leaning but I wouldn't call it biased. It went completely off the rails though after Trump won the nomination, and seems to become worse as time goes on. Now it is basically the equivalent of what Pravda was in the days of the USSR.
I'll bet I could categorize left or right at least that well just based on the names of the sites, without seeing any content at all! Since an "AI" can't understand articles well enough to determine political slant beyond word analysis, and has no way of ascertaining factual accuracy unless it has already been told by people some facts to compare with, it all seems rather pointless.
Hyper partisans see themselves as being only slightly left or right of center - they believe they are part of the "silent majority" in the country. Any evaluation of a source as "left" or "right" (let alone "center") will not be accepted by those who most need to be slapped upside the head and told they are an extremist. They judge "facts" based on the partisan news sources they choose (which they don't see as biased) and when the AI judges the truth or untruth of those "facts" differently they'll simply claim the AI is biased and reject it.
Oh please, can we stop these ridiculous fear mongering partisan claims? They weren't true when conservatives were floating FUD about Obama canceling elections due to some unspecified national emergency, and they aren't true now when liberals float the claims Trump will.
We managed to have elections during WW II, which was about as serious as war gets, so another Iraq halfway around the world isn't going to provide anyone such an excuse.
Most Chinese phones and a growing number in Russia and India are non AOSP Android. I saw a stat yesterday that claimed Google free AOSP Android had a world market share of 27% - almost double the share of iOS, and growing at a nice clip.
And now it looks like Microsoft might introduce their own AOSP Android fork for the west eventually, and while I'm sure they won't compete with iOS market share, when you combine it with other AOSP based forks Google may be in danger of having their software in a minority of Android phones within a few years.
So what does Huawei need with their own OS, exactly?
I don't want to see Netgear advertising "Wifi 6 turbo" or Dlink with "Wifi 6+" as it would lead to more confusion, not less.
Look at what happened with 3G/4G and inevitably 5G. Not that those were "official" standard names, but 3G was whatever you decided to call 3G. We all remember when AT&T decided HSPA+ was "4G" because Verizon was getting LTE out the door a few months before they were and they wanted to claim they were first with 4G. I expect the same games to be played with 5G, with companies implementing LTE-A cat 20 and calling it 5G because it is fast (despite not having the one real advantage of 5G, the reduced latency)
At least with 802.11ac you didn't see companies pulling that, they just advertised on meaningless speeds, as if it matters to anyone if their router is capable of 3100 Mbps vs 5300 Mbps. I hope we will see routers that do 802.11ax and WPA3 with just 2 or 3 antennas. They won't have the headline speed, so hopefully wouldn't have the headline price. The one true advantage of 802.11ax is the OFDMA - and even that only matters if you have a LOT of device contention. What I really is WPA3, but I have a suspicion it won't be possible to upgrade existing routers (because why should manufacturers want that) so we'll probably be forced to buy Wifi 6 routers to get it.
Biting the hand that feeds IT © 1998–2019